Re: Hardening CentOS by removing "hacker" tools

[Date Prev][Date Next][Thread Prev][Thread Next][Date Index][Thread Index]



On Fri, Jun 6, 2008 at 7:54 PM, Luke S Crawford <lsc@xxxxxxxxx> wrote:
> "Filipe Brandenburger" <filbranden@xxxxxxxxx> writes:
>> My boss asked me to harden a CentOS box by removing "hacker" tools,
>> such as nmap, tcpdump, nc (netcat), telnet, etc.
>
> Removing network tools does not make it harder to break into the box,
> however, it can make it harder to do something with it once you are in.
> removing those tools might help keep an infection from spreading, but it
> wont protect the box itself.  (also, just installing the programs just
> means that if your box get compromised, the hacker needs to install
> some new packages.  Not difficult, even without root-  the attacker
> can install to the compromised user homedir.)

But removing networking would :)

-- 
-matt
_______________________________________________
CentOS mailing list
CentOS@xxxxxxxxxx
http://lists.centos.org/mailman/listinfo/centos

[Index of Archives]     [CentOS]     [CentOS Announce]     [CentOS Development]     [CentOS ARM Devel]     [CentOS Docs]     [CentOS Virtualization]     [Carrier Grade Linux]     [Linux Media]     [Asterisk]     [DCCP]     [Netdev]     [Xorg]     [Linux USB]
  Powered by Linux